Re: [secdir] Secdir review of draft-ietf-simple-chat-16
"Miguel A. Garcia" <Miguel.A.Garcia@ericsson.com> Mon, 17 September 2012 14:17 UTC
Return-Path: <miguel.a.garcia@ericsson.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A49421F842D; Mon, 17 Sep 2012 07:17:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.256
X-Spam-Level:
X-Spam-Status: No, score=-6.256 tagged_above=-999 required=5 tests=[AWL=-0.007, BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cExr3axgyYHJ; Mon, 17 Sep 2012 07:17:55 -0700 (PDT)
Received: from mailgw2.ericsson.se (mailgw2.ericsson.se [193.180.251.37]) by ietfa.amsl.com (Postfix) with ESMTP id D8DF121F8437; Mon, 17 Sep 2012 07:17:54 -0700 (PDT)
X-AuditID: c1b4fb25-b7f046d00000644c-6b-505731115769
Received: from esessmw0247.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw2.ericsson.se (Symantec Mail Security) with SMTP id 2F.6E.25676.11137505; Mon, 17 Sep 2012 16:17:53 +0200 (CEST)
Received: from [159.107.24.224] (153.88.115.8) by esessmw0247.eemea.ericsson.se (153.88.115.94) with Microsoft SMTP Server id 8.3.264.1; Mon, 17 Sep 2012 16:17:53 +0200
Message-ID: <5057310F.3050903@ericsson.com>
Date: Mon, 17 Sep 2012 16:17:51 +0200
From: "Miguel A. Garcia" <Miguel.A.Garcia@ericsson.com>
User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:15.0) Gecko/20120907 Thunderbird/15.0.1
MIME-Version: 1.0
To: Vincent Roca <vincent.roca@inria.fr>
References: <50F825B5-5FDA-4F28-BDE2-7A77B6FF87AF@inria.fr>
In-Reply-To: <50F825B5-5FDA-4F28-BDE2-7A77B6FF87AF@inria.fr>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprHLMWRmVeSWpSXmKPExsUyM+Jvra6gYXiAwZv1ihbNa18wWcz4M5HZ 4sPChywWPav6WRxYPJYs+cnkMenFIRaPL5c/swUwR3HZpKTmZJalFunbJXBlLLq9na1gq1jF pubyBsZlgl2MnBwSAiYSC450MELYYhIX7q1n62Lk4hASOMUosWT2N3YIZw2jRN/VW0AZDg5e AW2J3s+6IA0sAqoSz3bdZwGx2QTMJVo3bmQHsUUFgiXObdzGBmLzCghKnJz5BKxGREBD4u7D 18wgM5kFFjBKfHw9jxFkpjBQ8/KLkiA1QgLWEpv/tIMdxClgI7Hr+FpmEJtZwFbiwpzrLBC2 vMT2t3OYIeo1JSbfXMo8gVFwFpJ1s5C0zELSsoCReRWjcG5iZk56uZFealFmcnFxfp5eceom RmAYH9zyW3UH451zIocYpTlYlMR5rbfu8RcSSE8sSc1OTS1ILYovKs1JLT7EyMTBKdXAOHnN kdpvlhZLFmef0LL2NLz+ZLqtv8ChmVGKqyUTfQ9oXDdJ28M5c3XzsczNziy8lkLV2e3bJ3RY HfzKZx0/P1bvs9a9fRUdQY8n8thePrIiKIchPd2kN2hd5ItzU6ULGXZFdTJsEjHccJI76ume XDHrooanprfVXBt3lWk6yweZVC82SNZUYinOSDTUYi4qTgQA0Dr96zECAAA=
Cc: "draft-ietf-simple-chat.all@tools.ietf.org" <draft-ietf-simple-chat.all@tools.ietf.org>, IESG IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Secdir review of draft-ietf-simple-chat-16
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Sep 2012 14:17:56 -0000
Hi Vincent: Thanks for your comments, please see my inline answers. On 11/09/2012 16:14, Vincent Roca wrote: > Hello, > > I have reviewed this document as part of the security directorate's > ongoing effort to review all IETF documents being processed by the > IESG. These comments were written primarily for the benefit of the > security area directors. Document editors and WG chairs should treat > these comments just like any other last call comments. > > > Since we already exchanged emails during the secdir review of version > -14 of this document, I'll be brief. > > > ** It is said: > > "If a participant wants to avoid eavesdropping, the participant's MSRP > client can send the messages over a TLS [RFC5246] transport > connection, as allowed by MSRP. It's up to the policy of the MSRP > switch if the messages are forwarded to the other participant's in > the chat room using TLS [RFC5246] transport." > > A participant cannot prevent eavesdropping if he does not control > the end-to-end use of TLS. Additionally, as discussed previously, > there are other benefits in the use of TLS, like preventing faked packet > injection, or on-the-fly corruption of messages. So I suggest to clarify a > bit: > > NEW: > > "If a participant wants to avoid security concerns on the path between > himself and the MSRP switch (e.g., eavesdropping, faked packet injection > or packet corruption), ..." > > Perfect. > ** About attacks with close but different nicknames: > I see that a new paragraph has been added to section 7.1 to discuss > this issue. That's excellent. However the security section does not > provide any pointer to this discussion, nor does it mention the problem. > The only aspect discussed is the reuse of nicknames which is a different > (but important) topic. So I suggest to add a paragraph: > > NEW: > > "Section 7.1.discusses the problem of similar but different > nicknames (e.g., thanks to the use of similar characters), > and chat rooms MAY provide a mechanism to mitigate confusable > nicknames." Excellent, paragraph added. > > > BTW, current I-D says that a chat room **MAY** provide such a mechanism. > Should we change it for SHOULD? Said differently, is there a good reason > for a chat room not to perform such verifications? If the answer is yes, > then we can keep MAY. Well, the problem is that having a MUST, SHOULD, or MAY to hyperspace has the same effect. My point is that if we have a clear and precise mechanism to mandate, we should mandate it. But not having a clear mechanism means that the change of a MAY for a SHOULD or a MUST has no effect in live deployments. BR, Miguel > > > Cheers, > > Vincent > -- Miguel A. Garcia +34-91-339-3608 Ericsson Spain
- [secdir] Secdir review of draft-ietf-simple-chat-… Vincent Roca
- Re: [secdir] Secdir review of draft-ietf-simple-c… Miguel A. Garcia